General
-
Target
mssecsvr.exe.7z
-
Size
2.0MB
-
Sample
230621-jhmp1shd3x
-
MD5
a771b27b61e81f52d2487c0c96cbee1f
-
SHA1
83a605d1ee70450298498fbf64ffef620ad05201
-
SHA256
e06cfb333c976378b2787af2a18a141dd00890a23bbe8b5cb989ca1629cd6ab0
-
SHA512
4adba8c51737f153c22e51267505bd50859966cae32fb5eb1c00a0ff9e7b666fc6a211e291130443b3a996e179730d8e83117803fdefb55485804e9f2e8b3c35
-
SSDEEP
49152:OCx0EYSsTtqJLJQ4E49ihSSez1S2atYoBjPZviKSYJX:DavIJd9EYSptYoBjPAKSEX
Static task
static1
Behavioral task
behavioral1
Sample
mssecsvr.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
mssecsvr.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
mssecsvr.exe
-
Size
2.2MB
-
MD5
3a727730db2d2b20b093a59826019682
-
SHA1
7983a79633ccbdd8887855bc08a1d40e81af48c9
-
SHA256
9b99727cf2f51e83a312118ae45cc776c6c970ffbea4c4521d98b49d95e6e391
-
SHA512
618515d2810f6dbf4a431457fec57ffc88e23c4da30fa09222a036230d6df2571f33aebc794040523da910cd2a86dd1954ab32f34487ec1a1fdc4c9b867e1980
-
SSDEEP
49152:QnsEMSPbcBVQejUINRx+TSqTdX1HkQo6SAARdhnvn:QfPoBhIaRxcSUDk36SAEdhvn
Score
10/10
-
Contacts a large (3236) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1421) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-